IOS/IOS-XR
大量に検証コンフィグを作成する時の手法サンプル
Shishio Tsuchiya
[email protected]
はじめに
§ 
今回お話する内容は筆者が普段検証環境にて、使用してる設定手法の共
有です。
§ 
実施前に検証機などで十分確認し、稼働中の実機に投入する際には必ず
自身で確認する様にして下さい。
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
2
Agenda
§ 
IOS/IOS-XEの場合
§ 
IOS-XRの場合
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
3
大量設定をやる前に
archive
path flash:/config-enogmaximum 14
write-memory
IOS#show archive
The maximum archive configurations allowed is 14.
There are currently 1 archive configurations saved.
The next archive file will be named flash:/config-enog--<timestamp>-1
Archive # Name
1
flash:/config-enog-Jun-19-09-12-02.287-0 <- Most Recent
2
§ 
IOS/IOS-XEではデフォルトだとrollback出来ません。
§ 
たった14ですが、無いより大分マシです。
§ 
configure replace でrolback実施
http://tools.bgp4.jp/index.php?cmd=read&page=tools%20team%2Ftools%2FRouter%2FCisco%2FRollback
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
4
これを沢山作りたい
!
ip vrf 1
rd 6500:1
!
interface GigabitEthernet0/0.2
encapsulation dot1Q 2
ip vrf forwarding 1
ip address 10.10.10.1 255.255.255.0
!
§ 
変数は2つだけ
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
5
Tclで書くならこう
for {set x 1} {$x<=100} {incr x} {
set y [expr $x+1]
puts "ip vrf $x"
puts "rd 6500:$x”
puts "interface GigabitEthernet0/0.$y"
puts "encapsulation dot1Q $y"
puts "ip vrf forwarding $x"
puts "ip address 10.10.10.1 255.255.255.0"
}
§ 
xを1から始めて、1個ずつ増やし、100まで
§ 
yはx に1足す
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
6
IOS/IOS-XEではTclが使える
IOS#tclsh
IOS(tcl)#info tclversion
8.3
IOS(tcl)#set var "Hello! World"
Hello! World
§ 
また拡張コマンドとして、ios_config　がありIOS CLコンフィグが実行可能
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
7
初期状態
IOS#show ip interface brief
Interface
IP-Address
GigabitEthernet0/0
10.11.12.7
GigabitEthernet0/1
unassigned
IOS#show ip interface brief | count 0/0
Number of lines which match regexp = 1
§ 
OK? Method Status
Protocol
YES DHCP
up
up
YES NVRAM administratively down down
また拡張コマンドとして、ios_config　がありIOS CLコンフィグが実行可能
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
8
初期状態
IOS#show ip interface brief
Interface
IP-Address
GigabitEthernet0/0
10.11.12.7
GigabitEthernet0/1
unassigned
IOS#show ip interface brief | count 0/0
Number of lines which match regexp = 1
§ 
OK? Method Status
Protocol
YES DHCP
up
up
YES NVRAM administratively down down
また拡張コマンドとして、ios_config　がありIOS CLコンフィグが実行可能
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
9
Tcl ios_config
for {set x 1} {$x<=100} {incr x} {
set y [expr $x+1]
ios_config "ip vrf $x" "rd 6500:$x" "interface GigabitEthernet0/0.$y" "encapsulation dot1Q
$y" "ip vrf forwarding $x" "ip address 10.10.10.1 255.255.255.0"
}
§ 
コマンド毎に””で区切る。
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
10
実施後
IOS(tcl)# for {set x 1} {$x<=100} {incr x} {
+> set y [expr $x+1]
+>$ $y" "ip vrf forwarding $x" "ip address 10.10.10.1 255.255.255.0"
+> }
Jun 19 11:05:22.959: %SYS-5-CONFIG_I: Configured from console by vty0
------IOS(tcl)#
IOS#show ip interface brief | count 0/0
Number of lines which match regexp = 101
§ 
簡単で取りこぼしも少ないが、コンフィグ->Tclのイメージがちょっと難しい？
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
11
Perl （コンフィグファイル作成）
#!/usr/local/bin/perl
for ($x =1; $x <=100; $x++){
$y=$x+1;
print
"!
ip vrf $x
rd 6500:$x
!
interface GigabitEthernet0/0.$y
encapsulation dot1Q $y
ip vrf forwarding $x
ip address 10.10.10.1 255.255.255.0
!
";}
exit;
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
§ 
シンプルコンフィグを大量生産
§ 
コピペすると取りこぼすかも
§ 
ネットワーク経由のコピーならまぁ大丈夫
§ 
ファイルはでかくなる
Cisco Confidential
12
Perl + Treraterm macro
#!/usr/local/bin/perl
for ($x =1; $x <=100; $x++){
$y=$x+1;
print "sendln 'ip vrf $x'\n";
print "wait '#'\n";
print "senln 'rd 6500:$x'\n";
print "wait '#'\n";
print "interface GigabitEthernet0/0.$y'\n";
print "wait '#'\n";
print "encapsulation dot1Q $y'\n";
print "wait '#'\n";
print "ip vrf forwarding $x'\n";
print "wait '#'\n";
print "ip address 10.10.10.1 255.255.255.0'\n";
print "wait '#'\n";
;}
exit;
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
§ 
Teraterm macroと組み合わせちゃう
§ 
sendln 文字列と改行を送る
§ 
wait ‘’の文字を待つ
§ 
Teraterm macroファイルとして実施
§ 
コンフィグの実施が目で確認出来る
§ 
ファイルがでかくなる
Cisco Confidential
13
Teratermマクロでコンフィグを読み出す
fileopen fhandle 'filename.txt' 0
:loop
filereadln fhandle line
if result goto fclose
sendln line
wait '#'
§ 
コンフィグファイルを読み出し
§ 
一行ずつ送る
§ 
#を待つ
§ 
応用は一番効くかも？（単純なコンフィグ
じゃなくて、実際に使用してるコンフィグ
の再現試験時にも使える）
§ 
ファイルが大きいのは一緒
goto loop
:fclose
fileclose fhandle
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
14
Teratermマクロでコンフィグを書いてしまう。
x = 0
do while x < 100
x = x + 1
y = x + 1
int2str countx x
int2str county y
§ 
do/loopの繰り返し whileで抜ける
§ 
int2strで整数値を文字列に変更
sendln 'ip vrf ' countx
wait '#'
sendln 'rd 6500:'countx
wait '#'
sendln 'interface GigabitEthernet0/0.'county
wait '#'
sendln 'encapsulation dot1Q 'county
wait '#'
sendln 'ip vrf forwarding ' countx
wait '#'
sendln 'ip address 10.10.10.1 255.255.255.0'
wait '#'
§ 
sendln/wait
§ 
一番軽い。でも・・・Teratermに依存しす
ぎ？
loop
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
15
Agenda
§ 
IOS/IOS-XEの場合
§ 
IOS-XRの場合
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
16
IOS-XR
§ 
デフォルトでrollbackは可能
§ 
configが間違ってたらshow configuration failedで教えてもらえる
§ 
階層式なコンフィグ表示
§ 
IOS Tclが無い
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
17
IOS-XRとIOSの違い
!
vrf 1
address-family ipv4 unicast
!
ip vrf 1
rd 6500:1
!
!
interface GigabitEthernet0/0/0/0.2
interface GigabitEthernet0/0.2
vrf 1
encapsulation dot1Q 2
ipv4 address 10.10.10.1 255.255.255.0 ip vrf forwarding 1
encapsulation dot1q 2
ip address 10.10.10.1 255.255.255.0
!
!
§ 
設定パラメーターがグローバルユニークでは無い
§ 
実はスクリプトを書くとき、階層を意識する必要があって、めんどくさい。
§ 
実際のコマンドを投入する時は1ラインでの実施も可能
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
18
show running-config formal
RP/0/0/CPU0:IOS-XR#show running-config formal
hostname IOS-XR
vrf 1
vrf 1 address-family ipv4 unicast
interface GigabitEthernet0/0/0/0.2
interface GigabitEthernet0/0/0/0.2 vrf 1
interface GigabitEthernet0/0/0/0.2 ipv4 address 10.10.10.1 255.255.255.0
interface GigabitEthernet0/0/0/0.2 encapsulation dot1q 2
§ 
formal ?な表示をする事ができる
§ 
スクリプトで設定を入れるのであれば、こちらを使用すると良い
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
19
Tclは無いが・・・
RP/0/0/CPU0:IOS-XR#run
Thu Jun 19 13:14:39.231 UTC
# perl -v
This is perl, v5.6.0 built for 4kCopyright 1987-2000, Larry Wall
Perl may be copied only under the terms of either the Artistic License or the
GNU General Public License, which may be found in the Perl 5.0 source kit.
Complete documentation for Perl, including FAQ lists, should be found on
this system using `man perl' or `perldoc perl'. If you have access to the
Internet, point your browser at http://www.perl.com/, the Perl Home Page.
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
20
Tclは無いが・・・
RP/0/0/CPU0:IOS-XR#run
Thu Jun 19 13:14:39.231 UTC
# perl -v
This is perl, v5.6.0 built for 4kCopyright 1987-2000, Larry Wall
Perl may be copied only under the terms of either the Artistic License or the
GNU General Public License, which may be found in the Perl 5.0 source kit.
Complete documentation for Perl, including FAQ lists, should be found on
this system using `man perl' or `perldoc perl'. If you have access to the
Internet, point your browser at http://www.perl.com/, the Perl Home Page.
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
21
vimも使えちゃう
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
VIM - Vi IMproved
version 6.1
by Bram Moolenaar et al.
Vim is open source and freely distributable
type
Help poor children in Uganda!
:help iccf<Enter>
for information
type
type
type
:q<Enter>
:help<Enter> or <F1>
:help version6<Enter>
type
type
Running in Vi compatible mode
:set nocp<Enter>
for Vim defaults
:help cp-default<Enter> for info on this
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
to exit
for on-line help
for version info
Cisco Confidential
22
なので直接編集
# less xr.pl
#!/usr/local/bin/perl
for ($x =1; $x <=100; $x++){
$y=$x+1;
print
“vrf $x address-family ipv4 unicast
interface GigabitEthernet0/0/0/0.$y vrf $x
interface GigabitEthernet0/0/0/0.$y ipv4 address 10.10.10.1 255.255.255.0
interface GigabitEthernet0/0/0/0.$y encapsulation dot1q $y
";}
exit;
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
23
load
# perl xr.pl > xr.txt
#
# exit
RP/0/0/CPU0:IOS-XR#conf t
Thu Jun 19 14:38:54.574 UTC
RP/0/0/CPU0:IOS-XR(config)#lo
load locale logging
RP/0/0/CPU0:IOS-XR(config)#load usr/xr.txt
Loading.
24754 bytes parsed in 1 sec (24268)bytes/sec
RP/0/0/CPU0:IOS-XR(config)#commit
Thu Jun 19 14:39:19.113 UTC
RP/0/0/CPU0:IOS-XR(config)#
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
24
まとめ
§ 
スクリプトと設定ファイルの見た目が同じ（似てる）方がいいかも。
§ 
投入内容を確認出来る手法の方が望ましい
§ 
元に戻せる事も重要
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
25
Thank you.